[openssl-users] DTLS and packet loss
Matt Caswell
matt at openssl.org
Mon Jun 1 09:39:10 UTC 2015
On 01/06/15 10:08, Alfred E. Heggestad wrote:
> Hi,
>
> we are using OpenSSL to deploy DTLS-SRTP, Ref:
>
> http://www.creytiv.com/doxygen/re-dox/html/tls__udp_8c.html
>
>
> it works really well, thanks for the good code.
> one scenario that does not work so well, is when DTLS
> is running in an environment with packet loss.
> for example, we get this error message:
>
> 140735307322128:error:1411B09F:SSL
> routines:ssl3_get_new_session_ticket:length mismatch:s3_clnt.c:2183:
>
>
> any hints of where I should start looking ?
Can you confirm which version of OpenSSL you are running?
Are you also running OpenSSL on the server side (and if so which version
there)?
The error message suggests that the NewSessionTicket message that has
been received by the client is incorrectly formatted.
A packet capture for a problem handshake might help diagnose the problem
further.
Matt
More information about the openssl-users
mailing list